US cyber policy goals have regressed during Trump 2.0 in ‘unprecedented setback,’ landmark report says

A landmark progress report tied to a congressionally-mandated cyber policy body shows that the federal government’s cyber policy posture has regressed by roughly 13% on advances made in prior years, marking the first major reversal since the group’s creation. 

The analysis — delivered Wednesday by the Cyberspace Solarium Commission 2.0 in the Foundation for Defense of Democracies — illustrates the high-level consequences of hollowing out the federal cyber workforce amid broader efforts to reorganize the government and make it more efficient in the eyes of the White House and top agency leaders. Since February, the Trump administration has moved to shrink the federal workforce and shutter offices it claims undermine American ideals.

“Nearly a quarter of fully implemented recommendations have lost that status — an unprecedented setback that underscores the fragility of progress,” a report summary says.

The findings recommend the Trump administration restore workforce and funding to the Cybersecurity and Infrastructure Security Agency and cyber diplomacy staff within the State Department, both of which have been marked by significant cuts. The report also contends that the rollback of diversity, equity and inclusion initiatives in the second Trump administration have slowed the intake of skilled job candidates from nontraditional backgrounds, narrowing the government’s cyber talent pool.

Among the most grievous setbacks includes government work on countering disinformation and foreign malign influence, especially within the Department of Homeland Security, where CISA is housed. The Trump administration has framed that work largely as a censorship regime that’s suppressed Americans’ First Amendment rights.

Cyber foreign assistance — a core aspect of State Department operations and work under the now defunct U.S. Agency for International Development — has also regressed significantly, the report concludes. 

The yearly findings have measured progress on goals outlined by the original Cyberspace Solarium Commission, which was established five years ago via legislation to build a governmentwide strategy for cybersecurity. The report is one of the few comprehensive blueprints that regularly examines nearly every arm of U.S. government work on cyber matters, including agencies, commissions, standards-setting bodies and research funding.

Mark Montgomery, a former Navy rear admiral who serves as senior director of FDD’s Center on Cyber and Technology Innovation, is most concerned by the cuts inside CISA. To date, around a third of the agency’s workforce has been terminated or left through deferred resignation and early retirement programs made available to its staff. 

“35 years in the military, I never had a head or subordinate come up to me and say, ‘Sir, what I really need right now is a 35% reduction in workforce,’” Montgomery said at a Wednesday FDD event discussing the findings.

“I think [the CISA cuts] sting the most,” he added. “And I just wish they could get over it and say ‘We made a mistake, we’re putting the money back in there.’”

CSC has been deemed a major force behind contemporary U.S. cyber policy decisions. Lawmakers in the original commission — which included then-Reps. Jim Langevin, D-R.I., and Mike Gallagher, R-Wis., as well as Sen. Angus King, I-Maine — formed the backbone that created the Office of the National Cyber Director, which has helped the federal government pursue various cyber priorities. Sean Cairncross, the first national cyber director under Trump, was confirmed to his post in August.

Many of the elements that stood up under the CSC’s direction still exist but haven’t endured or been set on the right path, said Jiwon Ma, an FDD senior policy analyst who also authored the findings.

“I know that that is a strong language, but I think that we haven’t been doing well in terms of preparing,” said Ma. “We’re good at standing up things like the [Office of the National Cyber Director]. “We gave them funding, we brought the personnel, but then we didn’t consistently think about what it needed as it grew.” 

ONCD in the past has had tensions with cyber elements in the National Security Council, both of which sit in the White House.

A White House spokesperson did not immediately return a request for comment. An automated email said there may be response delays due to the ongoing government shutdown.

At the Wednesday event, King, in prerecorded remarks, called the report’s results “frustrating.”

“At a time when we’re seeing the cyber threat increase dramatically, we’re unilaterally disarming, and we’re not making the progress that we ought to make,” he said.

On the sidelines of the event, Langevin told reporters that he hopes the Trump administration will give Cairncross and Sean Plankey — nominated but not yet confirmed to lead CISA — the runway they need to achieve their goals. Gallagher, also speaking with reporters, agreed and said he is “bullish” on the opportunity to hammer out mission sets across the government’s cyber enterprise.

Cybersecurity has been historically a bipartisan darling of Washington, but CISA, deemed the nation’s core civilian cyberdefense agency, has become a recent subject of political scuffles due to its prior work combatting mis- and disinformation.

The agency has faced scrutiny from the Trump administration for some time. Top officials have aimed to “refocus” its mission amidst GOP accusations that the agency engaged in censorship of Americans’ free speech. Those claims stem from CISA’s earlier collaboration with social media platforms to remove false information online concerning the COVID-19 pandemic, elections and other divisive subjects around 2020.

That dynamic has carried over to other offices handling cyber and disinfo work, including inside the State Department, FBI and Office of the Director of National Intelligence, which oversees that nation’s 18 spy agencies.

All told, the Trump cyber team is still getting into place, and the ongoing shutdown has slowed progress in those areas.

“I’m deeply concerned about the level of cuts. You have to have the people doing the job, and it’s really important that you continue to build capacity there. So I don’t know how they’re going to recover from [the reductions],” Langevin said. “But I’m willing to give the administration the benefit of the doubt that we are going to build that capacity and … continue the mission.”